Decade-old Threat Able To Decrypt Emails

ARS Technica is reporting that a decade-old vulnerability is able to decrypt some emails.

Attackers can obtain plain text of messages that are encrypted using the PGP and S/MIME standards. The attacks assume that an attacker has possession of the encrypted emails and can trick either the original sender or one of the recipients into opening an invisible snippet of the intercepted message in a new email.

Link Source’s Jeff Dye explains why this threat looms large:

“The Efail vulnerability covers a larger range of email clients using PGP and S/MIME technology. It can effect email records over a more than 10 year window so the surface area for risk is higher than most vulnerabilities of this nature. Time and time again we see native encryption on devices and in email clients being taken advantage of by attackers. Efail is a scary reminder of why it is important to have a third party email encryption/decryption solution.”

The most serious vulnerabilities have resided in Thunderbird, macOS Mail, and Outlook for more than 10 years and remain unfixed at the moment, the researchers said. Flaws in the way the programs handle emails with multiple body parts make it possible to embed invisible snippets of previously obtained encrypted text in new emails. By also including the Web address of an attacker-controlled server, the newly sent emails can cause the programs to send the corresponding plaintext to the server. The surreptitious exfiltration works against both the PGP and S/MIME standards.

Protecting Your Privacy

Too many users rely on embedded or bundled security options. Especially in a compliance setting, this is absolutely not enough. Consider the following stats around data privacy and why 3rd party encryption is vital for your organization. Contact the team of security experts at Link Source today and schedule your free risk assessment.

1. Half of employees take confidential corporate data with them after leaving a company

While your nightmares may be filled with hackers from Russia drinking energy drinks and wearing hoodies, a serious breach may be more likely to come from Jim in Accounting; research indicates that many, if not most employees have few qualms about brazenly stealing data from their employers, especially if they were fired from the company. Of the half that reported stealing data, 40% planned to use it in their new jobs.

2. The two most expensive viruses in history both caused nearly $40 billion in damage

MyDoom (which is actually thought to originate from Russia) is considered to be the most expensive computer virus of all time, with a reported $38.5 billion of financial damage inflicted on victims around the globe. In 2004, when the virus was at its peak, it was estimated that one quarter of all emails worldwide were infected with the virus. In comparison, SoBIg, the second-largest virus today (which debuted in 2003), was estimated to have caused $37.1 billion in damages.

In recent years, viruses have been smaller in size, on average – but that doesn’t make them any less harmful to companies. For example, starting in 2013, a ransomware Trojan called CryptoLocker began taking the data on individual computers hostage and threatening to permanently lock out victims unless they paid a ransom. The criminal or criminals who initiated CryptoLocker are believed to have profited at least $3 million off the scheme.

Currently, records are being stolen at a rate of more than 1 billion per year – and data suggests that the rate of data theft will only keeping climbing over the next few years. Nearly every major corporate player has been affected by some form of data breach; from Home Depot and JPMorgan Chase in 2014 to the famous 2015 Sony data breach, later theorized (but not proven) to be the work of a specialized North Korean government hacking unit.

4. In 7.1% of data breaches, an attacker was able compromise a system and exfiltrate data in under 1 minute

In addition to the stunning amount of attacks that are successful in under 1 minute, attackers were able to exfiltrate data in under one hour in 21.2% of breaches. These statistics show that when it comes to data security, time is never on our side. This means that solutions need to help prevent and deflect threats as quickly as possible – or simply make the data unusable – in order to effectively secure sensitive information.

Not all data breaches are discovered right away. And many of the most skilled criminals try to never leave a trace when they infiltrate a computer system. This significant gap between the time of data exfiltration and time of discovery is just one of the reasons why data breaches can be so destructive.